ahoj, zpomaluje se mi NB, když vypnu svchost.exe, trochu se mi zrychlí, ale pořád je to proti původní rychlosti hrůza. Nevím, jak se tu komunikuje, ale stáhnuljsem si Váš prográmek v sekci "šmejdi,..." a tady je výsledek (snad mi pomůžete):
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel - Šoltys at 2010-09-14 23:48:55
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (39%) free of 27 GB
Total RAM: 446 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:49:10, on 14.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pavel - Šoltys\Plocha\RSIT.exe
C:\Program Files\trend micro\Pavel - Šoltys.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... g4upPOIG5A
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - (no file)
O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... 2010032317
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E153AE6A-CF18-4AC5-AE25-8FE63B4C9711}: NameServer = 10.0.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
--
End of file - 9065 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\HPpromotions journeysoftware.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2913755061-352055090-1495985658-1005Core1cb423619b58fac.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
MHTBPos00 Class - C:\Program Files\Family Toolbar\tbcore3.dll [2009-05-07 2642432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-02 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll []
{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - Family Toolbar - C:\Program Files\Family Toolbar\tbcore3.dll [2009-05-07 2642432]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]
{07B18EA9-A523-4961-B6BB-170DE4475CCA}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SiSPower"=SiSPower.dll,ModeAgent []
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-03-28 315392]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2009-01-14 113680]
"eRecoveryService"=C:\Windows\System32\Check.exe [2005-03-23 245760]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-10-07 88363]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-02-23 77824]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2215064]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-30 68856]
"Google Update"=C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-03-07 135664]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Fax"=2
"Bonjour Service"=2
"ekrn"=2
"EHttpSrv"=3
"WMPNetworkSvc"=3
"Pml Driver HPZ12"=3
"ose"=3
"odserv"=3
"MyWebSearchService"=2
"MSCamSvc"=2
"idsvc"=3
"ICQ Service"=2
"gusvc"=3
"avast! Web Scanner"=3
"avast! Mail Scanner"=3
"avast! Antivirus"=2
"aswUpdSv"=2
"anbmService"=2
"ACDaemon"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe"="C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Pavel - Šoltys\Plocha\utorrent17920\utorrent.exe"="C:\Documents and Settings\Pavel - Šoltys\Plocha\utorrent17920\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\iSpQ VideoChat 9\ispqvideochat9.exe"="C:\Program Files\iSpQ VideoChat 9\ispqvideochat9.exe:*:Enabled:iSpQ Video chat software for desktop computers."
"C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======File associations======
.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-14 23:48:56 ----D---- C:\Program Files\trend micro
2010-09-14 23:48:55 ----D---- C:\rsit
2010-09-03 23:51:32 ----D---- C:\Program Files\ESET
2010-09-03 23:51:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-08-18 11:55:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-08-17 16:04:43 ----D---- C:\Program Files\VS Revo Group
======List of files/folders modified in the last 1 months======
2010-09-14 23:39:08 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-09-14 23:31:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-14 22:26:06 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-03 23:41:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-27 21:48:50 ----A---- C:\WINDOWS\MyHeritage.INI
2010-08-17 23:44:50 ----RASH---- C:\boot.ini
2010-08-17 23:44:50 ----A---- C:\WINDOWS\win.ini
2010-08-17 23:44:50 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-04-21 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-07 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2009-01-30 6144]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 wlluc48;Wireless LAN PC Card Driver; C:\WINDOWS\system32\DRIVERS\wlluc48.sys [2001-12-19 155136]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSHUSBVideo;NX6000/NX3000/VX7000 Filter Driver; C:\WINDOWS\System32\Drivers\nx6000.sys [2007-04-12 34136]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S4 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-16 182768]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe []
S4 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
S4 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe []
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S4 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
hodně zpomalené všechny funkce
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: hodně zpomalené všechny funkce
Ahooooooooooj!
Potřebujete následující programy?:
C:\Program Files\ICQ6Toolbar
C:\Program Files\Family Toolbar
C:\Program Files\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
Potřebujete následující programy?:
C:\Program Files\ICQ6Toolbar
C:\Program Files\Family Toolbar
C:\Program Files\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
Re: hodně zpomalené všechny funkce
myslím, že ne... používám teda google prohlížeč, ale pokud to urychlí nb, rád přejdu na jiný, ICQ jsem odinstaloval už dávno a familly toolbar vůbec nevím co je... je možné, že to patří k programu "my heritage", který využívám - rodokmen online
Re: hodně zpomalené všechny funkce
stahnete si OTL: http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Pokud mate WIN 7 Nebo Vista spustte program Jako spravce.
Otevrete a zaskrtnete nasledujici polozky:
-Pro vsechny uzivatele
-Kontrola na havet "LOP"
-Kontrola na havet "Purity"
-stáří souborů dejte na 7.
Do spodniho okna pod modry napis Vlastní skenování a opravy vlozte tento script:
Kliknete na Prohledat. Probehne scan - kolem 5 minut a potom sem vlozte oba logy, ktere na Vas vybafnou.
Pokud mate WIN 7 Nebo Vista spustte program Jako spravce.
Otevrete a zaskrtnete nasledujici polozky:
-Pro vsechny uzivatele
-Kontrola na havet "LOP"
-Kontrola na havet "Purity"
-stáří souborů dejte na 7.
Do spodniho okna pod modry napis Vlastní skenování a opravy vlozte tento script:
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT Re: hodně zpomalené všechny funkce
OTL logfile created on: 15.9.2010 21:01:34 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Pavel - Šoltys\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
446,00 Mb Total Physical Memory | 130,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26,38 Gb Total Space | 10,23 Gb Free Space | 38,80% Space Free | Partition Type: FAT32
Drive D: | 26,55 Gb Total Space | 26,48 Gb Free Space | 99,74% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-F26B0E4EE4
Current User Name: Pavel - Šoltys
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.09.15 20:58:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel - Šoltys\Plocha\OTL.exe
PRC - [2010.09.13 00:18:14 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.08.12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.01.30 23:39:52 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.03.28 13:52:08 | 000,360,448 | ---- | M] (acer Inc.) -- C:\Program Files\acer\eRecovery\Monitor.exe
PRC - [2005.03.28 12:30:44 | 000,315,392 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2005.03.09 18:59:26 | 000,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Arcade\PCMService.exe
PRC - [2005.03.04 13:13:04 | 000,032,768 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\Keyhook.exe
PRC - [2005.02.23 18:13:10 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004.10.07 23:44:24 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
========== Modules (SafeList) ==========
MOD - [2010.09.15 20:58:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel - Šoltys\Plocha\OTL.exe
MOD - [2008.04.14 04:21:46 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008.04.14 04:21:42 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008.04.14 04:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.10.07 23:44:16 | 000,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
MOD - [2004.08.27 16:42:36 | 000,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\Shared Files\CLRCEngine.dll
MOD - [2004.08.18 20:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe -- (MyWebSearchService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.08.12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.17 23:45:34 | 000,271,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2006.03.03 21:03:10 | 000,069,632 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004.08.16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Disabled | Stopped] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010.08.04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.08.03 13:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.07.29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.04.21 00:39:18 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.01.30 20:47:04 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008.04.14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 19:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.13 19:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.04.13 19:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2007.04.12 23:46:36 | 000,034,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.03.02 00:09:02 | 000,240,640 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005.02.25 19:45:32 | 000,013,312 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005.02.24 14:20:22 | 002,311,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\acer\eRecovery\int15.sys -- (int15.sys)
DRV - [2004.12.21 10:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004.12.17 17:14:44 | 000,013,952 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004.12.08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004.11.05 01:43:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004.10.07 23:33:46 | 000,185,824 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004.10.07 19:51:08 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.12.05 18:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.07.18 09:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2001.12.19 16:46:44 | 000,155,136 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wlluc48.sys -- (wlluc48)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... g4upPOIG5A
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File not found
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2010.03.23 22:16:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.09.03 23:51:34 | 000,000,000 | ---D | M]
[2009.10.28 00:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Mozilla\Extensions
[2009.10.28 00:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Mozilla\Firefox\Profiles\epauc1l7.default\extensions
[2009.04.02 19:49:22 | 000,002,236 | ---- | M] () -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Mozilla\Firefox\Profiles\epauc1l7.default\searchplugins\askcom.xml
O1 HOSTS File: ([2004.08.18 20:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - No CLSID value found.
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O2 - BHO: (MHTBPos00 Class) - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll ()
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File not found
O3 - HKLM\..\Toolbar: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\Toolbar\WebBrowser: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [eRecoveryService] C:\WINDOWS\system32\Check.exe (acer Inc.)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.220.46.1 89.203.152.3
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.03.09 11:09:54 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\AUtOpLAY\coMmAnD - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\AutoRun\command - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\ExpLOre\CoMMand - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\OPen\commANd - "" = G:\hyxq.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (http://www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)
========== Files/Folders - Created Within 7 Days ==========
[2010.09.15 20:59:13 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavel - Šoltys\Plocha\OTL.exe
[2010.09.14 23:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.14 23:48:55 | 000,000,000 | ---D | C] -- C:\rsit
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.09.15 20:58:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel - Šoltys\Plocha\OTL.exe
[2010.09.15 20:00:02 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2010.09.15 19:15:24 | 000,000,692 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2010.09.15 19:14:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.15 19:14:40 | 468,242,432 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.15 19:14:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.14 23:59:42 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010.09.14 23:59:40 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Pavel - Šoltys\NTUSER.DAT
[2010.09.14 23:59:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Pavel - Šoltys\ntuser.ini
[2010.09.14 23:47:56 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Pavel - Šoltys\Plocha\RSIT.exe
[2010.09.14 22:26:06 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.14 22:15:02 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2913755061-352055090-1495985658-1005Core1cb423619b58fac.job
[2010.09.14 16:17:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.08 22:49:04 | 000,189,440 | ---- | M] () -- C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.14 23:48:15 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Pavel - Šoltys\Plocha\RSIT.exe
[2010.03.23 22:01:44 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FSaver.ini
[2010.03.13 14:41:45 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010.02.21 12:01:34 | 000,000,305 | ---- | C] () -- C:\WINDOWS\maketorrent.ini
[2009.11.17 12:58:18 | 000,000,514 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2009.06.02 22:14:13 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009.04.21 00:39:16 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.03.13 19:40:34 | 000,000,118 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.03.13 19:40:33 | 000,001,729 | R--- | C] () -- C:\WINDOWS\~~~runcd.ini
[2009.03.13 19:33:01 | 000,000,036 | ---- | C] () -- C:\WINDOWS\~PLKSTP.ini
[2009.03.09 22:35:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2009.03.09 22:27:32 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2009.03.09 22:25:48 | 000,005,729 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009.02.21 02:18:36 | 000,189,440 | ---- | C] () -- C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.05 20:17:28 | 000,000,688 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2009.02.05 20:16:15 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2009.02.03 21:51:36 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\fusioncache.dat
[2009.02.03 15:50:45 | 000,010,909 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.01.30 23:02:45 | 000,021,920 | ---- | C] () -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Hodnoty oddělené čárkami (Windows).ADR
[2009.01.30 21:50:32 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.01.30 20:51:10 | 000,000,692 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2005.03.09 11:09:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005.03.07 16:49:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.03.07 16:46:41 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005.03.07 16:46:40 | 000,000,312 | ---- | C] () -- C:\WINDOWS\uninstall.ini
[2005.03.07 16:29:35 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005.03.07 16:28:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.03.07 16:28:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005.03.07 16:28:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005.03.07 16:20:18 | 000,083,997 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005.03.07 16:20:04 | 000,201,667 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005.03.07 16:15:02 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.03.07 16:14:55 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005.03.07 16:08:06 | 000,037,776 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.12.17 17:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001.07.06 15:30:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1980.01.01 00:00:00 | 000,002,790 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[1980.01.01 00:00:00 | 000,000,091 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
========== LOP Check ==========
[2009.01.31 00:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.02.05 20:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MyHeritage
[2009.08.11 00:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.05.02 22:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.08.18 11:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.09.03 23:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.01.30 21:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\EuroTalk
[2009.02.05 20:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\The Complete Genealogy Reporter - FTB
[2009.02.05 20:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\MyHeritage
[2009.03.13 00:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Free Audio Editor
[2009.04.21 00:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\DAEMON Tools
[2009.06.02 22:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Image Zone Express
[2009.08.04 07:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Happy Foto
[2009.09.16 16:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Zoner
[2010.03.13 17:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Apowersoft
[2010.03.13 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\dcunningham.net
[2010.08.01 23:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\TeamViewer
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.01.30 23:39:52 | 000,068,856 | ---- | M] (Google Inc.)
"Google Update" = "C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2010.03.07 16:06:02 | 000,135,664 | ---- | M] (Google Inc.)
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2005.03.07 16:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Identities
[2005.03.07 15:53:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Microsoft
[2009.01.30 21:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\EuroTalk
[2009.01.30 22:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Adobe
[2009.01.30 22:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Macromedia
[2009.01.30 23:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Google
[2009.01.31 00:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Mozilla
[2009.02.01 08:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\skypePM
[2009.02.03 15:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\AdobeUM
[2009.02.05 20:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\The Complete Genealogy Reporter - FTB
[2009.02.05 20:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\MyHeritage
[2009.02.14 20:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Ahead
[2009.02.14 20:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Apple Computer
[2009.02.23 18:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Cyberlink
[2009.03.13 00:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Free Audio Editor
[2009.03.30 19:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\WinRAR
[2009.04.21 00:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\DAEMON Tools
[2009.06.02 22:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\HP
[2009.06.02 22:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Image Zone Express
[2009.08.04 07:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Happy Foto
[2009.09.16 16:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Zoner
[2010.03.13 17:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Apowersoft
[2010.03.13 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\dcunningham.net
[2010.04.02 16:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Skype
[2010.07.11 23:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\ArcSoft
[2010.08.01 23:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\TeamViewer
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 20:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CDROM.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:cdrom.sys
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 20:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 20:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 20:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 20:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:hal.dll
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 20:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:Changer.sys
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 20:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 20:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 20:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 20:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 20:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 20:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2004.08.18 20:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\i386\SYSTEM32\SMSS.EXE
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 20:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748_1$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 20:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 20:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 20:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 20:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.04.21 00:39:18 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2005.03.07 15:52:36 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[2005.03.07 15:52:36 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005.03.07 15:52:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.09.14 16:17:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2010.09.15 19:15:24 | 000,000,692 | ---- | M] () -- C:\WINDOWS\system32\eRLog.ini
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Pavel - Šoltys\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
446,00 Mb Total Physical Memory | 130,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26,38 Gb Total Space | 10,23 Gb Free Space | 38,80% Space Free | Partition Type: FAT32
Drive D: | 26,55 Gb Total Space | 26,48 Gb Free Space | 99,74% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-F26B0E4EE4
Current User Name: Pavel - Šoltys
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.09.15 20:58:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel - Šoltys\Plocha\OTL.exe
PRC - [2010.09.13 00:18:14 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.08.12 14:16:12 | 002,215,064 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.01.30 23:39:52 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.03.28 13:52:08 | 000,360,448 | ---- | M] (acer Inc.) -- C:\Program Files\acer\eRecovery\Monitor.exe
PRC - [2005.03.28 12:30:44 | 000,315,392 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2005.03.09 18:59:26 | 000,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Arcade\PCMService.exe
PRC - [2005.03.04 13:13:04 | 000,032,768 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\Keyhook.exe
PRC - [2005.02.23 18:13:10 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004.10.07 23:44:24 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
========== Modules (SafeList) ==========
MOD - [2010.09.15 20:58:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel - Šoltys\Plocha\OTL.exe
MOD - [2008.04.14 04:21:46 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2008.04.14 04:21:42 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008.04.14 04:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.10.07 23:44:16 | 000,069,722 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
MOD - [2004.08.27 16:42:36 | 000,049,152 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\Shared Files\CLRCEngine.dll
MOD - [2004.08.18 20:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe -- (MyWebSearchService)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.08.12 14:18:40 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.08.12 14:16:26 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.17 23:45:34 | 000,271,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2006.03.03 21:03:10 | 000,069,632 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2004.08.16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Disabled | Stopped] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - [2010.08.04 11:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.08.03 13:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.07.29 13:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.04.21 00:39:18 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.01.30 20:47:04 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008.04.14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 19:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.13 19:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.04.13 19:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2007.04.12 23:46:36 | 000,034,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.03.02 00:09:02 | 000,240,640 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2005.02.25 19:45:32 | 000,013,312 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005.02.24 14:20:22 | 002,311,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\acer\eRecovery\int15.sys -- (int15.sys)
DRV - [2004.12.21 10:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004.12.17 17:14:44 | 000,013,952 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004.12.08 14:10:00 | 000,016,896 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2004.11.05 01:43:58 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004.10.07 23:33:46 | 000,185,824 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004.10.07 19:51:08 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.12.05 18:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.07.18 09:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2001.12.19 16:46:44 | 000,155,136 | ---- | M] (Lucent Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wlluc48.sys -- (wlluc48)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... g4upPOIG5A
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll ()
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File not found
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2010.03.23 22:16:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.09.03 23:51:34 | 000,000,000 | ---D | M]
[2009.10.28 00:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Mozilla\Extensions
[2009.10.28 00:00:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Mozilla\Firefox\Profiles\epauc1l7.default\extensions
[2009.04.02 19:49:22 | 000,002,236 | ---- | M] () -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Mozilla\Firefox\Profiles\epauc1l7.default\searchplugins\askcom.xml
O1 HOSTS File: ([2004.08.18 20:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - No CLSID value found.
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O2 - BHO: (MHTBPos00 Class) - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll ()
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File not found
O3 - HKLM\..\Toolbar: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\Toolbar\WebBrowser: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [eRecoveryService] C:\WINDOWS\system32\Check.exe (acer Inc.)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [Monitor] C:\WINDOWS\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.220.46.1 89.203.152.3
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.03.09 11:09:54 | 000,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\AUtOpLAY\coMmAnD - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\AutoRun\command - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\ExpLOre\CoMMand - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\OPen\commANd - "" = G:\hyxq.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (http://www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)
========== Files/Folders - Created Within 7 Days ==========
[2010.09.15 20:59:13 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavel - Šoltys\Plocha\OTL.exe
[2010.09.14 23:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.09.14 23:48:55 | 000,000,000 | ---D | C] -- C:\rsit
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.09.15 20:58:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel - Šoltys\Plocha\OTL.exe
[2010.09.15 20:00:02 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2010.09.15 19:15:24 | 000,000,692 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2010.09.15 19:14:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.15 19:14:40 | 468,242,432 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.15 19:14:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.14 23:59:42 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2010.09.14 23:59:40 | 006,815,744 | -H-- | M] () -- C:\Documents and Settings\Pavel - Šoltys\NTUSER.DAT
[2010.09.14 23:59:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Pavel - Šoltys\ntuser.ini
[2010.09.14 23:47:56 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Pavel - Šoltys\Plocha\RSIT.exe
[2010.09.14 22:26:06 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.14 22:15:02 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2913755061-352055090-1495985658-1005Core1cb423619b58fac.job
[2010.09.14 16:17:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.08 22:49:04 | 000,189,440 | ---- | M] () -- C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.14 23:48:15 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Pavel - Šoltys\Plocha\RSIT.exe
[2010.03.23 22:01:44 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FSaver.ini
[2010.03.13 14:41:45 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2010.02.21 12:01:34 | 000,000,305 | ---- | C] () -- C:\WINDOWS\maketorrent.ini
[2009.11.17 12:58:18 | 000,000,514 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2009.06.02 22:14:13 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009.04.21 00:39:16 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.03.13 19:40:34 | 000,000,118 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.03.13 19:40:33 | 000,001,729 | R--- | C] () -- C:\WINDOWS\~~~runcd.ini
[2009.03.13 19:33:01 | 000,000,036 | ---- | C] () -- C:\WINDOWS\~PLKSTP.ini
[2009.03.09 22:35:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\musicmaker.INI
[2009.03.09 22:27:32 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2009.03.09 22:25:48 | 000,005,729 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009.02.21 02:18:36 | 000,189,440 | ---- | C] () -- C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.05 20:17:28 | 000,000,688 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI
[2009.02.05 20:16:15 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll
[2009.02.03 21:51:36 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\fusioncache.dat
[2009.02.03 15:50:45 | 000,010,909 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2009.01.30 23:02:45 | 000,021,920 | ---- | C] () -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Hodnoty oddělené čárkami (Windows).ADR
[2009.01.30 21:50:32 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.01.30 20:51:10 | 000,000,692 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini
[2005.03.09 11:09:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2005.03.07 16:49:02 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.03.07 16:46:41 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005.03.07 16:46:40 | 000,000,312 | ---- | C] () -- C:\WINDOWS\uninstall.ini
[2005.03.07 16:29:35 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2005.03.07 16:28:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.03.07 16:28:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2005.03.07 16:28:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2005.03.07 16:20:18 | 000,083,997 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005.03.07 16:20:04 | 000,201,667 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005.03.07 16:15:02 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005.03.07 16:14:55 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005.03.07 16:08:06 | 000,037,776 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.12.17 17:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001.07.06 15:30:00 | 000,003,165 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1980.01.01 00:00:00 | 000,002,790 | ---- | C] () -- C:\WINDOWS\ANTIV.INI
[1980.01.01 00:00:00 | 000,000,091 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
========== LOP Check ==========
[2009.01.31 00:31:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.02.05 20:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MyHeritage
[2009.08.11 00:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.05.02 22:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.08.18 11:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.09.03 23:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.01.30 21:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\EuroTalk
[2009.02.05 20:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\The Complete Genealogy Reporter - FTB
[2009.02.05 20:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\MyHeritage
[2009.03.13 00:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Free Audio Editor
[2009.04.21 00:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\DAEMON Tools
[2009.06.02 22:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Image Zone Express
[2009.08.04 07:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Happy Foto
[2009.09.16 16:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Zoner
[2010.03.13 17:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Apowersoft
[2010.03.13 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\dcunningham.net
[2010.08.01 23:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\TeamViewer
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.01.30 23:39:52 | 000,068,856 | ---- | M] (Google Inc.)
"Google Update" = "C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2010.03.07 16:06:02 | 000,135,664 | ---- | M] (Google Inc.)
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2005.03.07 16:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Identities
[2005.03.07 15:53:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Microsoft
[2009.01.30 21:57:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\EuroTalk
[2009.01.30 22:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Adobe
[2009.01.30 22:29:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Macromedia
[2009.01.30 23:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Google
[2009.01.31 00:31:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Mozilla
[2009.02.01 08:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\skypePM
[2009.02.03 15:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\AdobeUM
[2009.02.05 20:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\The Complete Genealogy Reporter - FTB
[2009.02.05 20:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\MyHeritage
[2009.02.14 20:01:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Ahead
[2009.02.14 20:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Apple Computer
[2009.02.23 18:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Cyberlink
[2009.03.13 00:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Free Audio Editor
[2009.03.30 19:09:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\WinRAR
[2009.04.21 00:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\DAEMON Tools
[2009.06.02 22:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\HP
[2009.06.02 22:46:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Image Zone Express
[2009.08.04 07:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Happy Foto
[2009.09.16 16:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Zoner
[2010.03.13 17:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Apowersoft
[2010.03.13 17:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\dcunningham.net
[2010.04.02 16:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\Skype
[2010.07.11 23:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\ArcSoft
[2010.08.01 23:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel - Šoltys\Data aplikací\TeamViewer
< %APPDATA%\*.exe /s >
< MD5 for: AGP440.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 20:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: CDROM.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:cdrom.sys
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 20:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 20:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 20:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 20:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:hal.dll
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 20:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:Changer.sys
[2004.08.18 20:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 20:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 20:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 20:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 20:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 20:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 20:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2004.08.18 20:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\i386\SYSTEM32\SMSS.EXE
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 20:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:14 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748_1$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 20:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 20:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 20:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 20:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.04.21 00:39:18 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2005.03.07 15:52:36 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
[2005.03.07 15:52:36 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005.03.07 15:52:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.09.14 16:17:28 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2010.09.15 19:15:24 | 000,000,692 | ---- | M] () -- C:\WINDOWS\system32\eRLog.ini
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
Re: hodně zpomalené všechny funkce
OTL Extras logfile created on: 15.9.2010 21:01:34 - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Pavel - Šoltys\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
446,00 Mb Total Physical Memory | 130,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26,38 Gb Total Space | 10,23 Gb Free Space | 38,80% Space Free | Partition Type: FAT32
Drive D: | 26,55 Gb Total Space | 26,48 Gb Free Space | 99,74% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-F26B0E4EE4
Current User Name: Pavel - Šoltys
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.js [@ = JSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- File not found
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe" = C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup -- (Kaspersky Lab)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Documents and Settings\Pavel - Šoltys\Plocha\utorrent17920\utorrent.exe" = C:\Documents and Settings\Pavel - Šoltys\Plocha\utorrent17920\utorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Program Files\iSpQ VideoChat 9\ispqvideochat9.exe" = C:\Program Files\iSpQ VideoChat 9\ispqvideochat9.exe:*:Enabled:iSpQ Video chat software for desktop computers. -- File not found
"C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}" = TotalMedia Setup
"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin
"{4FAD70B6-E246-496E-9719-449E3756BF0B}" = ESET NOD32 Antivirus
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Bubble Bounce 2 Screensaver" = Bubble Bounce 2 Screensaver
"Bubble Bounce Screensaver" = Bubble Bounce Screensaver
"CCleaner" = CCleaner
"Revo Uninstaller" = Revo Uninstaller 1.89
"ShockwaveFlash" = Macromedia Flash Player 8
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.9.2010 18:06:52 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 8.9.2010 19:06:51 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 8.9.2010 20:06:56 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 9.9.2010 5:45:41 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 9.9.2010 5:53:01 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 9.9.2010 6:52:53 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 9.9.2010 8:55:04 | Computer Name = ACER-F26B0E4EE4 | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1029, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 14.9.2010 15:29:23 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 14.9.2010 15:39:59 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 14.9.2010 15:45:54 | Computer Name = ACER-F26B0E4EE4 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace notepad.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 14.9.2010 10:30:47 | Computer Name = ACER-F26B0E4EE4 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.100 pro síťovou kartu s adresou 00022D676DA1
byla serverem DHCP 192.168.100.252 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 14.9.2010 10:31:11 | Computer Name = ACER-F26B0E4EE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby gusvc
s argumenty za účelem spuštění serveru: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
Error - 14.9.2010 11:45:25 | Computer Name = ACER-F26B0E4EE4 | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace rozhraní Microsoft .NET Framework 3.5
SP1 a .NET Framework 2.0 SP2 pro Windows Server 2003 a Windows XP x86 (KB982524).
Error - 14.9.2010 16:54:57 | Computer Name = ACER-F26B0E4EE4 | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace rozhraní Microsoft .NET Framework 3.5
SP1 a .NET Framework 2.0 SP2 pro Windows Server 2003 a Windows XP x86 (KB982524).
Error - 14.9.2010 17:26:27 | Computer Name = ACER-F26B0E4EE4 | Source = Service Control Manager | ID = 7031
Description = Služba Služba inteligentního přenosu na pozadí (BITS) byla nečekaně
ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund:
Restartovat službu.
Error - 14.9.2010 17:26:27 | Computer Name = ACER-F26B0E4EE4 | Source = Service Control Manager | ID = 7034
Description = Služba Šifrování byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 14.9.2010 17:26:27 | Computer Name = ACER-F26B0E4EE4 | Source = Service Control Manager | ID = 7034
Description = Služba Klient DHCP byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 14.9.2010 17:26:27 | Computer Name = ACER-F26B0E4EE4 | Source = Service Control Manager | ID = 7034
Description = Služba Zasílání zpráv o chybách byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 15.9.2010 13:15:14 | Computer Name = ACER-F26B0E4EE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby gusvc
s argumenty za účelem spuštění serveru: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
Error - 15.9.2010 15:00:55 | Computer Name = ACER-F26B0E4EE4 | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace rozhraní Microsoft .NET Framework 3.5
SP1 a .NET Framework 2.0 SP2 pro Windows Server 2003 a Windows XP x86 (KB982524).
< End of report >
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Documents and Settings\Pavel - Šoltys\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
446,00 Mb Total Physical Memory | 130,00 Mb Available Physical Memory | 29,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2000 2000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 26,38 Gb Total Space | 10,23 Gb Free Space | 38,80% Space Free | Partition Type: FAT32
Drive D: | 26,55 Gb Total Space | 26,48 Gb Free Space | 99,74% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ACER-F26B0E4EE4
Current User Name: Pavel - Šoltys
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.js [@ = JSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\CScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- File not found
"C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe" = C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files\Kaspersky Internet Security 2009\Czech\setup.exe:*:Enabled:Kaspersky Internet Security 2009 Setup -- (Kaspersky Lab)
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Documents and Settings\Pavel - Šoltys\Plocha\utorrent17920\utorrent.exe" = C:\Documents and Settings\Pavel - Šoltys\Plocha\utorrent17920\utorrent.exe:*:Enabled:µTorrent -- File not found
"C:\Program Files\iSpQ VideoChat 9\ispqvideochat9.exe" = C:\Program Files\iSpQ VideoChat 9\ispqvideochat9.exe:*:Enabled:iSpQ Video chat software for desktop computers. -- File not found
"C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll" = C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin -- (Google)
"C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Pavel - Šoltys\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{24C4BB38-F45D-4247-90B9-7E6CAA877FF3}" = TotalMedia Setup
"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin
"{4FAD70B6-E246-496E-9719-449E3756BF0B}" = ESET NOD32 Antivirus
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Bubble Bounce 2 Screensaver" = Bubble Bounce 2 Screensaver
"Bubble Bounce Screensaver" = Bubble Bounce Screensaver
"CCleaner" = CCleaner
"Revo Uninstaller" = Revo Uninstaller 1.89
"ShockwaveFlash" = Macromedia Flash Player 8
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8.9.2010 18:06:52 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 8.9.2010 19:06:51 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 8.9.2010 20:06:56 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 9.9.2010 5:45:41 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 9.9.2010 5:53:01 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 9.9.2010 6:52:53 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 9.9.2010 8:55:04 | Computer Name = ACER-F26B0E4EE4 | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481,
P2 1029, P3 1605, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.
Error - 14.9.2010 15:29:23 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 14.9.2010 15:39:59 | Computer Name = ACER-F26B0E4EE4 | Source = Google Update | ID = 20
Description =
Error - 14.9.2010 15:45:54 | Computer Name = ACER-F26B0E4EE4 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace notepad.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 14.9.2010 10:30:47 | Computer Name = ACER-F26B0E4EE4 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.100 pro síťovou kartu s adresou 00022D676DA1
byla serverem DHCP 192.168.100.252 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 14.9.2010 10:31:11 | Computer Name = ACER-F26B0E4EE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby gusvc
s argumenty za účelem spuštění serveru: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
Error - 14.9.2010 11:45:25 | Computer Name = ACER-F26B0E4EE4 | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace rozhraní Microsoft .NET Framework 3.5
SP1 a .NET Framework 2.0 SP2 pro Windows Server 2003 a Windows XP x86 (KB982524).
Error - 14.9.2010 16:54:57 | Computer Name = ACER-F26B0E4EE4 | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace rozhraní Microsoft .NET Framework 3.5
SP1 a .NET Framework 2.0 SP2 pro Windows Server 2003 a Windows XP x86 (KB982524).
Error - 14.9.2010 17:26:27 | Computer Name = ACER-F26B0E4EE4 | Source = Service Control Manager | ID = 7031
Description = Služba Služba inteligentního přenosu na pozadí (BITS) byla nečekaně
ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund:
Restartovat službu.
Error - 14.9.2010 17:26:27 | Computer Name = ACER-F26B0E4EE4 | Source = Service Control Manager | ID = 7034
Description = Služba Šifrování byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 14.9.2010 17:26:27 | Computer Name = ACER-F26B0E4EE4 | Source = Service Control Manager | ID = 7034
Description = Služba Klient DHCP byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 14.9.2010 17:26:27 | Computer Name = ACER-F26B0E4EE4 | Source = Service Control Manager | ID = 7034
Description = Služba Zasílání zpráv o chybách byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 15.9.2010 13:15:14 | Computer Name = ACER-F26B0E4EE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby gusvc
s argumenty za účelem spuštění serveru: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
Error - 15.9.2010 15:00:55 | Computer Name = ACER-F26B0E4EE4 | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace rozhraní Microsoft .NET Framework 3.5
SP1 a .NET Framework 2.0 SP2 pro Windows Server 2003 a Windows XP x86 (KB982524).
< End of report >
Re: hodně zpomalené všechny funkce
Já se moc omlouvám. Už toho mám dneska dost. Mrknu na to hned ráno. Zatím dobrou noc.
Re: hodně zpomalené všechny funkce
díky moc... už mě to zlobí cca dva měsíce, takže den nebo týden navíc mě nezabije... jsem rád, že mi jsi ochotný pomoct...
dobrou noc
dobrou noc
Re: hodně zpomalené všechny funkce
Do okna, kam jste vkládal první script vložte tento a dejte Opravit.
VLožte sem log, který na vás vyjuknepo restartu.
+ doporučuju odinstalovat všechny zbytečný toolbary.
Kód: Vybrat vše
:OTL
SRV - File not found [Disabled | Stopped] -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe -- (MyWebSearchService)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... g4upPOIG5A
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File not found
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin [2010.03.23 22:16:38 | 000,000,000 | ---D | M]
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - No CLSID value found.
O2 - BHO: (no name) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O3 - HKU\S-1-5-21-2913755061-352055090-1495985658-1005\..\Toolbar\WebBrowser: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No CLSID value found.
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\AUtOpLAY\coMmAnD - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\AutoRun\command - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\ExpLOre\CoMMand - "" = G:\hyxq.exe -- File not found
O33 - MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\Shell\OPen\commANd - "" = G:\hyxq.exe -- File not found
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
:Files
C:\PROGRAM FILES\MYWEBSEARCH
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
+ doporučuju odinstalovat všechny zbytečný toolbary.
Re: hodně zpomalené všechny funkce
promin, nevím, co jsou toolbary...
All processes killed
========== OTL ==========
Service MyWebSearchService stopped successfully!
Service MyWebSearchService deleted successfully!
File C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
Registry value HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\chrome folder moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
File G:\hyxq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
File G:\hyxq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
File G:\hyxq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
File G:\hyxq.exe not found.
C:\WINDOWS\000001_.tmp deleted successfully.
C:\WINDOWS\002616_.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== FILES ==========
C:\PROGRAM FILES\MyWebSearch\bar\History folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Cache folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Settings folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\icons folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Game folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Notifier folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Message folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Avatar folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar folder moved successfully.
C:\PROGRAM FILES\MyWebSearch folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 126744 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 49554 bytes
User: Pavel - Šoltys
->Temp folder emptied: 9566493 bytes
->Temporary Internet Files folder emptied: 12176117 bytes
->FireFox cache emptied: 12727687 bytes
->Google Chrome cache emptied: 79300427 bytes
->Flash cache emptied: 2676 bytes
User: Pablo
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4192 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 80944932 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 570423 bytes
Total Files Cleaned = 187,00 mb
[EMPTYFLASH]
User: Default User
User: All Users
User: NetworkService
User: LocalService
User: Pavel - Šoltys
->Flash cache emptied: 0 bytes
User: Pablo
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
OTL by OldTimer - Version 3.2.12.1 log created on 09162010_195317
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
Service MyWebSearchService stopped successfully!
Service MyWebSearchService deleted successfully!
File C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2913755061-352055090-1495985658-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
Registry value HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\chrome folder moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry value HKEY_USERS\S-1-5-21-2913755061-352055090-1495985658-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
File G:\hyxq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
File G:\hyxq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
File G:\hyxq.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7baeff90-4575-11de-9d9f-00c09fd2e956}\ not found.
File G:\hyxq.exe not found.
C:\WINDOWS\000001_.tmp deleted successfully.
C:\WINDOWS\002616_.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
========== FILES ==========
C:\PROGRAM FILES\MyWebSearch\bar\History folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Cache folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Settings folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\icons folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Game folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Notifier folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Message folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar\Avatar folder moved successfully.
C:\PROGRAM FILES\MyWebSearch\bar folder moved successfully.
C:\PROGRAM FILES\MyWebSearch folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: All Users
User: NetworkService
->Temp folder emptied: 126744 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 49554 bytes
User: Pavel - Šoltys
->Temp folder emptied: 9566493 bytes
->Temporary Internet Files folder emptied: 12176117 bytes
->FireFox cache emptied: 12727687 bytes
->Google Chrome cache emptied: 79300427 bytes
->Flash cache emptied: 2676 bytes
User: Pablo
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4192 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 80944932 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 570423 bytes
Total Files Cleaned = 187,00 mb
[EMPTYFLASH]
User: Default User
User: All Users
User: NetworkService
User: LocalService
User: Pavel - Šoltys
->Flash cache emptied: 0 bytes
User: Pablo
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
OTL by OldTimer - Version 3.2.12.1 log created on 09162010_195317
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Re: hodně zpomalené všechny funkce
Toolbary jsou programy, které nabízejí určité služby v intternetovém prohlížeči. Máte tam:
C:\Program Files\ICQ6Toolbar
C:\Program Files\Family Toolbar
C:\Program Files\Google\Google Toolbar
C:\Program Files\Skype\Toolbars
Pokud to nepoužíváte a v podstatě ani nevíte, k čemu jsou, doporučuju je přes Přidat-odebrat programy odinstalovat.
Navir to nevypadá, spíš na zanedbanou údržbu. Udělejte následující věci a pak dejte vědět, zda je to lepší.
1) Vycistitete pocitac od zbytecnosti:
Stahnete si uzitecny programek CCleaner. Pri instalaci pozor! Nova verze vam vnuti v normal nastaveni instalaci yahoo toolbaru.Pokud o nej nestojite, musite jej rucne vykliknout! po spusteni samotneho programu postupujte takto:
- Zalozka Cistic. Klik na Analyzovat a po dokonceni scanu na Spustit Cleaner. V te same zalozce totez u Aplikaci.
- Zalozka Registry. Klik na Hledej problemy a po dokonceni scanu na Opravit vybrane problemy.Potvrdte a pokud chcete ulozit zalohu, ulozte.
TENTO POSTUP DOPORUCUJU PROVADET ALESPON JEDENKRAT TYDNE!
2) Zbavte se zbytecne spustenych programu:
Stahnete StartUpLite a spustte. Programek vypise vsechny zbytecne polozky, ktere se Vam spousteji po startu pocitace a oznaci je. Pokud chcete nekterou polozku spoustet i tak, musite u polozky odskrtnout fajfku. Pokud souhlasite, kliknete na Continue a restartuje pocitac.
3) Defragmentujte pevny disk:
Stahnete MyDefrag. pomocí neho muzete defragmentovat jak pevny disk, tak USB Flash disky, ci dokonce diskety atp.
TENTO POSTUP DOPORUCUJU PROVADET ALESPON JEDENKRAT ZA PUL ROKU!
4) Nezapomente aktualizovat:
A to v podstate vsechno. Od aktualizaci Windows az po prehravace, Javu a jine. O bezpectnostnim softwaru ani nemluvim. Zajimavym pomocnikem je v tomto ohledu Update Checker, ktery Vam aktualizace vseho mozneho, co obsahuje Vas plechovy milacek, zajisti v podstate sam. Staci pouze stahnou jim vybrane aktualizace.
C:\Program Files\ICQ6Toolbar
C:\Program Files\Family Toolbar
C:\Program Files\Google\Google Toolbar
C:\Program Files\Skype\Toolbars
Pokud to nepoužíváte a v podstatě ani nevíte, k čemu jsou, doporučuju je přes Přidat-odebrat programy odinstalovat.
Navir to nevypadá, spíš na zanedbanou údržbu. Udělejte následující věci a pak dejte vědět, zda je to lepší.
1) Vycistitete pocitac od zbytecnosti:
Stahnete si uzitecny programek CCleaner. Pri instalaci pozor! Nova verze vam vnuti v normal nastaveni instalaci yahoo toolbaru.Pokud o nej nestojite, musite jej rucne vykliknout! po spusteni samotneho programu postupujte takto:- Zalozka Cistic. Klik na Analyzovat a po dokonceni scanu na Spustit Cleaner. V te same zalozce totez u Aplikaci.
- Zalozka Registry. Klik na Hledej problemy a po dokonceni scanu na Opravit vybrane problemy.Potvrdte a pokud chcete ulozit zalohu, ulozte.
TENTO POSTUP DOPORUCUJU PROVADET ALESPON JEDENKRAT TYDNE!
2) Zbavte se zbytecne spustenych programu:
Stahnete StartUpLite a spustte. Programek vypise vsechny zbytecne polozky, ktere se Vam spousteji po startu pocitace a oznaci je. Pokud chcete nekterou polozku spoustet i tak, musite u polozky odskrtnout fajfku. Pokud souhlasite, kliknete na Continue a restartuje pocitac.
3) Defragmentujte pevny disk:
Stahnete MyDefrag. pomocí neho muzete defragmentovat jak pevny disk, tak USB Flash disky, ci dokonce diskety atp.
TENTO POSTUP DOPORUCUJU PROVADET ALESPON JEDENKRAT ZA PUL ROKU!
4) Nezapomente aktualizovat:
A to v podstate vsechno. Od aktualizaci Windows az po prehravace, Javu a jine. O bezpectnostnim softwaru ani nemluvim. Zajimavym pomocnikem je v tomto ohledu Update Checker, ktery Vam aktualizace vseho mozneho, co obsahuje Vas plechovy milacek, zajisti v podstate sam. Staci pouze stahnou jim vybrane aktualizace.
Re: hodně zpomalené všechny funkce
Díky moc,
ccleaner používám asi jednou měsíčně, defragmentaci provádím pomocí integrováného programu windows, programy po spuštění jsem díky tvému programu zrušil a díky tobě jsem i update jednotlivých programů v pc aktualizoval... Toolbary šly do pryč... Je to mnohem lepší. Vím, že mohl být zanešený, protože jsem jen klasický nevědomý uživatel a trochu se s údržbou bojím hýbat. Jsi moc hodný, pc jede jako hodinky - respekt...
ccleaner používám asi jednou měsíčně, defragmentaci provádím pomocí integrováného programu windows, programy po spuštění jsem díky tvému programu zrušil a díky tobě jsem i update jednotlivých programů v pc aktualizoval... Toolbary šly do pryč... Je to mnohem lepší. Vím, že mohl být zanešený, protože jsem jen klasický nevědomý uživatel a trochu se s údržbou bojím hýbat. Jsi moc hodný, pc jede jako hodinky - respekt...
Re: hodně zpomalené všechny funkce
Rádo se stalo. Baví nás to a pomáháme rádi. 
Mějte se fajn a kdyby byly problémy, neváhejte se ozvat.
Pěkný víkend.
Mějte se fajn a kdyby byly problémy, neváhejte se ozvat.
Pěkný víkend.
Přispějete na provoz fóra?